Andrew Bartlett [Thu, 21 Jul 2011 07:06:17 +0000 (17:06 +1000)]
s4-auth Move conversion of security_token to unix_token to auth
This allows us to honour the AUTH_SESSION_INFO_UNIX_TOKEN flag.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Thu, 21 Jul 2011 05:39:27 +0000 (15:39 +1000)]
gensec: Add a way to request a unix token from GENSEC
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Thu, 21 Jul 2011 05:37:41 +0000 (15:37 +1000)]
ntvfs: Use security_unix_token from auth.idl
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Fri, 22 Jul 2011 03:00:21 +0000 (13:00 +1000)]
s3-selftest Add tests for 'map to guest = bad user'
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Tue, 26 Jul 2011 07:04:40 +0000 (17:04 +1000)]
selftest: Avoid being run over by armies of the undead
Ignore SIGCHILD to reap zombies
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Wed, 27 Jul 2011 02:06:22 +0000 (12:06 +1000)]
nbt: Add comment explaining that these responses are manually encoded
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Andrew Bartlett [Wed, 27 Jul 2011 05:42:45 +0000 (15:42 +1000)]
selftest: explain how the message command test works
Andrew Bartlett [Wed, 27 Jul 2011 21:55:09 +0000 (07:55 +1000)]
s4-lsa Use the supplied handle in LsaLookupNames2
In my rework of this function in 2006 with
459a2301a5d63f5a1a6b27996c8a0358b20f2ab2 I ignored the incoming
handle, instead feching the LSA state again (dispite the commit
message indicating otherwise).
This means that data->access_mask is uninitialised, which doesn't
matter right now, but will once we start checking that.
Andrew Bartlett
Andrew Bartlett [Fri, 29 Jul 2011 02:10:39 +0000 (12:10 +1000)]
s4-debug: Start with DEBUG_DEFAULT_STDOUT, so we can log to a file in deamons
In commit
3c9d01e3e58e2217915317406541ac8c6f6dcf92 I changed the priority order
and added DEBUG_DEFAULT_STDOUT, but did not check all the callers.
Andrew Bartlett
Andreas Schneider [Thu, 28 Jul 2011 15:12:24 +0000 (17:12 +0200)]
s3-printing: Add forward declaration for dcerpc_binding_handle.
This fixes a build warning.
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jul 28 20:07:37 CEST 2011 on sn-devel-104
Volker Lendecke [Thu, 28 Jul 2011 12:24:40 +0000 (14:24 +0200)]
s3: Priorize the async echo responder over the client
Without this, an active client connection can starve the echo responder. This
leads to apparently "lost" SMBs.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Jul 28 18:53:38 CEST 2011 on sn-devel-104
Volker Lendecke [Thu, 28 Jul 2011 12:09:13 +0000 (14:09 +0200)]
tevent: Slightly simplify poll_event_loop_poll
No real code change. Do an early return instead of an if-statement, avoiding
one level of indentation.
Volker Lendecke [Tue, 26 Jul 2011 13:39:58 +0000 (15:39 +0200)]
s3: Remove unused smbd_echo_reader()
Volker Lendecke [Tue, 26 Jul 2011 13:39:29 +0000 (15:39 +0200)]
s3: Use smbd_echo_read_send in the async echo handler
Volker Lendecke [Tue, 26 Jul 2011 13:07:22 +0000 (15:07 +0200)]
s3: Add smbd_echo_read_send/recv
Read a SMB packet in the echo responder, giving the parent one second to step
in
Volker Lendecke [Tue, 26 Jul 2011 13:06:44 +0000 (15:06 +0200)]
Add wait_for_read_send/recv
Wait for readability of a socket as a tevent_req
Simo Sorce [Wed, 27 Jul 2011 20:40:21 +0000 (16:40 -0400)]
s3-rpc_server: Use talloc for pipe_rpc_fns
Everything uses talloc in the rpc server nowadays, remove this ancient use of
malloc. This also allows us to remove the free fucntion and let talloc handle
it properly.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Jul 28 17:41:08 CEST 2011 on sn-devel-104
Simo Sorce [Wed, 27 Jul 2011 20:30:42 +0000 (16:30 -0400)]
s3-rpc_server: remove useless code
We do not reuse pies_struct so there is no reason to SERO_STRUCT() it when we
are freeing it as we are done using it anyways.
Simo Sorce [Wed, 27 Jul 2011 20:27:17 +0000 (16:27 -0400)]
s3-rpc_server: remove unnecessary talloc_free
The auth_ctx is a child of pipes_struct, and this function is a used only as a
destructor on pipes_struct. So it is not really necessary to free this struct
in the destructor as it will be freed soon enough anyway.
Simo Sorce [Wed, 27 Jul 2011 19:51:17 +0000 (15:51 -0400)]
s3-rpc_server: Remove dead code
srv_str and cli_str are not used anymore.
Andreas Schneider [Thu, 28 Jul 2011 09:36:50 +0000 (11:36 +0200)]
s3-spoolss: Use existing handle in printer_driver_files_in_use().
Autobuild-User: Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date: Thu Jul 28 16:20:11 CEST 2011 on sn-devel-104
Andreas Schneider [Thu, 28 Jul 2011 09:34:08 +0000 (11:34 +0200)]
s3-spoolss: Use existing handle in printer_driver_in_use().
Volker Lendecke [Thu, 28 Jul 2011 11:41:18 +0000 (13:41 +0200)]
s3: In the async echo test, write 65k
This leads to the writev from echo responder child to parent to only deliver a
partial blob and thus excercises the retry code.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Thu Jul 28 15:07:40 CEST 2011 on sn-devel-104
Michael Adam [Thu, 28 Jul 2011 07:49:34 +0000 (09:49 +0200)]
s3:modules:nfs4_acls: improve fix for bug #8330
simplify the check insmbacl4_find_equal_special()
Signed-off-by: Michael Adam <obnox@samba.org>
Autobuild-User: Michael Adam <obnox@samba.org>
Autobuild-Date: Thu Jul 28 13:20:38 CEST 2011 on sn-devel-104
Michael Adam [Thu, 28 Jul 2011 09:15:51 +0000 (11:15 +0200)]
s3:torture: use lp_load_global() in pdbtest - this does not need shares nor IPC$
Michael Adam [Thu, 28 Jul 2011 09:04:53 +0000 (11:04 +0200)]
s3:winbindd: use lp_load_global() - winbindd does not need shares or IPC$
Michael Adam [Thu, 28 Jul 2011 08:39:45 +0000 (10:39 +0200)]
s3:smbstatus: use lp_load_global() - smbstatus does not need to load shares!
Michael Adam [Thu, 28 Jul 2011 08:34:09 +0000 (10:34 +0200)]
s3:split_tokens: use lp_load_global(), fixing the call to lp_load()
this does not need share and it dos not need to save defaults
Michael Adam [Thu, 28 Jul 2011 08:33:15 +0000 (10:33 +0200)]
s3:split_tokens: fix a nonempty blank line
Michael Adam [Thu, 28 Jul 2011 08:30:20 +0000 (10:30 +0200)]
s3: use lp_load_global() in smbw_sample -- whatever this is ... :-)
Michael Adam [Thu, 28 Jul 2011 08:28:40 +0000 (10:28 +0200)]
s3:smbtree: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:27:43 +0000 (10:27 +0200)]
s3:smbpasswd: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:27:09 +0000 (10:27 +0200)]
s3:smbfilter: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:26:22 +0000 (10:26 +0200)]
s3:smbcquotas: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:23:53 +0000 (10:23 +0200)]
s3:smbcontrol: use lp_load_global(): smbcontrol does not need to load the shares
Michael Adam [Thu, 28 Jul 2011 08:21:11 +0000 (10:21 +0200)]
s3:smbcacls: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:20:24 +0000 (10:20 +0200)]
s3:pdbedit: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:19:36 +0000 (10:19 +0200)]
s3:ntlm_auth: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:18:55 +0000 (10:18 +0200)]
s3:nmblookup: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:18:18 +0000 (10:18 +0200)]
s3:net: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:17:32 +0000 (10:17 +0200)]
s3:eventlogadm: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:16:37 +0000 (10:16 +0200)]
s3:dbwrap_torture: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:15:41 +0000 (10:15 +0200)]
s3:dbwrap_tool: use lp_load_global()
Michael Adam [Thu, 28 Jul 2011 08:14:27 +0000 (10:14 +0200)]
s3:smbtorture: use the lp_load_global() wrapper of lp_load()
Michael Adam [Wed, 27 Jul 2011 15:20:05 +0000 (17:20 +0200)]
s3:torture: use lp_load_global() in the strstr test
Michael Adam [Wed, 27 Jul 2011 15:06:26 +0000 (17:06 +0200)]
s3:torture: use lp_load_global in the strcmp test
Michael Adam [Wed, 27 Jul 2011 15:05:38 +0000 (17:05 +0200)]
s3:torture: use lp_load_global() in the push_ucs2 test
Michael Adam [Wed, 27 Jul 2011 15:03:51 +0000 (17:03 +0200)]
s3:torture: use lp_load_global() in the msgtest
Michael Adam [Wed, 27 Jul 2011 15:02:51 +0000 (17:02 +0200)]
s3:torture: use lp_load_global() in the masktest
Michael Adam [Wed, 27 Jul 2011 14:56:23 +0000 (16:56 +0200)]
s3:torture: use lp_load_global() in locktest2
Michael Adam [Wed, 27 Jul 2011 14:55:25 +0000 (16:55 +0200)]
s3:torture: use lp_load_global() in the locktest
Michael Adam [Wed, 27 Jul 2011 14:36:14 +0000 (16:36 +0200)]
s3:rpcclient: use the lp_load_global() wrapper of lp_load()
Michael Adam [Wed, 27 Jul 2011 14:34:53 +0000 (16:34 +0200)]
s3:nmbd: use the lp_load_global() wrapper of lp_load()
Michael Adam [Wed, 27 Jul 2011 14:31:02 +0000 (16:31 +0200)]
s3:libnet_join: use lp_load_global() wrapper of lp_load()
Michael Adam [Wed, 27 Jul 2011 14:29:04 +0000 (16:29 +0200)]
s3:libsmbconf: use lp_load_global() in the testsuite
Michael Adam [Tue, 26 Jul 2011 22:25:59 +0000 (00:25 +0200)]
s3:libnetapi: use lp_load_global()
Michael Adam [Tue, 26 Jul 2011 10:53:52 +0000 (12:53 +0200)]
s3:loadparm: make lp_set_in_client() static - only used in wrappers in loadparm now.
Michael Adam [Tue, 26 Jul 2011 10:51:04 +0000 (12:51 +0200)]
s3:pam_smbpass: use lp_load_client() in pam_smbpass
Michael Adam [Tue, 26 Jul 2011 10:46:08 +0000 (12:46 +0200)]
s3:libsmb: use lp_load_client() and lp_load_client_no_reinit() in libsmb_context
Michael Adam [Tue, 26 Jul 2011 10:44:44 +0000 (12:44 +0200)]
s3:loadparm: add wrapper lp_load_client_no_reinit()
Michael Adam [Tue, 26 Jul 2011 10:42:29 +0000 (12:42 +0200)]
s3:loadparm: add wrapper lp_load_globals_no_reinit()
Michael Adam [Tue, 26 Jul 2011 10:36:53 +0000 (12:36 +0200)]
s3:libsmb: fix a call to lp_load to reinit the globals in any case
The potential previous lp_load of $HOME/.smb/smb.conf might have failed
halfway through and might have left globals initialized in an unwanted state.
So we should make sure to clean up before loading the dyn_CONFIGFILE()
Michael Adam [Fri, 22 Jul 2011 15:28:46 +0000 (17:28 +0200)]
s3:smbspool: use lp_load_client()
Michael Adam [Fri, 22 Jul 2011 15:17:46 +0000 (17:17 +0200)]
s3:smbclient: use lp_load_client()
Michael Adam [Fri, 22 Jul 2011 15:24:38 +0000 (17:24 +0200)]
s3:loadparm: make lp_is_in_client() static - only used inside loadparm
Michael Adam [Fri, 22 Jul 2011 15:23:31 +0000 (17:23 +0200)]
s3:loadparm: add lp_load_client() that also sets the client state internally
Michael Adam [Fri, 22 Jul 2011 15:16:02 +0000 (17:16 +0200)]
s3:loadparm: add a convenience wrapper lp_load_global()
This is the use case for most callers, especially the client tools.
Michael Adam [Thu, 21 Jul 2011 12:05:24 +0000 (14:05 +0200)]
s3:loadparm: rename parameter "allow_registry_shares" to "load_all_shares"
Andrew Tridgell [Thu, 28 Jul 2011 05:14:03 +0000 (15:14 +1000)]
samba-tool: ensure prompting of passwords is in the right order
ask the creds object for the password before prompting for the new
password in the user password change code, to ensure the user is asked
for the old password first
Pair-Programmed-With: Amitay Isaacs <amitay@gmail.com>
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Jul 28 08:35:45 CEST 2011 on sn-devel-104
Amitay Isaacs [Thu, 28 Jul 2011 04:17:19 +0000 (14:17 +1000)]
samba-tool: Added gpo fetch command implementation using python smb module.
To copy the GPO files, use libcli python interface list() to get directory
listing and loadfile() to read the contents of the file.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 28 Jul 2011 04:07:44 +0000 (14:07 +1000)]
samba-tool: Change samba-tool gpo semantics (use gpo name instead of dn)
Instead of using gpo dn as the key to refer to a gpo, use the gpo name
as the key.
If no URL is specified (-H option), find a writable DC and use that.
Extract a commonly used method as get_gpo_info() to find details of a GPO.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 28 Jul 2011 03:22:01 +0000 (13:22 +1000)]
s4-libcli: Initialize stack structure variables to zero.
Update do_smb_connect function to return NTSTATUS rather than raise
python exception on error. Error checking done in py_smb_new().
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 23:23:03 +0000 (09:23 +1000)]
tests-blackbox: Revert the test to use user-level change password command
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:56:35 +0000 (18:56 +1000)]
test-blackbox: use python version of change password command
Replace the "samba-tool user setpassword" command with user level
"samba-tool user password" command.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:54:17 +0000 (18:54 +1000)]
test-blackbox: Rearrange arguments for samba-tool user setpassword command
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:52:05 +0000 (18:52 +1000)]
test-blackbox: Remove 'domain\' from username for samba-tool user setpassword
Python version of samba-tool does not require 'domain\' prefix for username.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:49:35 +0000 (18:49 +1000)]
test-blackbox: Rearrange the arguments in required order for samba-tool time
Python version of samba-tool requires the command and the subcommand to
be specified before the options.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:41:56 +0000 (18:41 +1000)]
samba-tool: Add user password command to change user's own password
This command is a user-level command and differs from setpassword
command which is administrator command.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:38:29 +0000 (18:38 +1000)]
s4-libnet: py_net Add change_password() python command
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 27 Jul 2011 08:37:14 +0000 (18:37 +1000)]
s4-libnet: py_net - Remove parsing for credentials argument
py_creds are not used anywhere in the function.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 26 Jul 2011 03:46:17 +0000 (13:46 +1000)]
samba-tool: Python routine to find writable/ldap-capable DC
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 26 Jul 2011 03:32:03 +0000 (13:32 +1000)]
s4-libcli: Added python interface for file I/O using SMB
This module will support file system access using SMB.
based on smb_composite - loadfile(), savefile()
based on raw - getacl(), setacl()
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Tue, 26 Jul 2011 03:19:29 +0000 (13:19 +1000)]
samba-tool: For samba-tool-c, help lists commands implemented only in C
The rest of the commands are available in python version of samba-tool.
C version of samba-tool is for testing only and will be phased out once
all the commands are ported to python.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Mon, 25 Jul 2011 01:45:14 +0000 (11:45 +1000)]
s4-param: Fix object names for python objects PyLoadparm and PyLoadparmContext
Use the object names <modulename>.<objectname> to correctly generate
the object hierarchy in pydoc.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 21 Jul 2011 02:32:53 +0000 (12:32 +1000)]
samba-tool: Catch exceptions at top-level and exit with correct return value
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 21 Jul 2011 02:30:38 +0000 (12:30 +1000)]
samba-tool: Display usage for main commands and list them alphabetically
This makes the MainCommand class similar to SuperCommand class in netcmd.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 21 Jul 2011 02:21:17 +0000 (12:21 +1000)]
samba-tool: Raise exception on errors and report using base class
Exceptions are captured at top-level samba-tool and reported using
the base class (Command) method show_command_error().
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Thu, 21 Jul 2011 02:15:33 +0000 (12:15 +1000)]
samba-tool: Display Usage line and list commands alphabetically
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 20 Jul 2011 23:48:30 +0000 (09:48 +1000)]
samba-tool: Replace C version of samba-tool with python version
C version of samba-tool is now called samba-tool-c, which will be
removed as soon as all the samba-tool commands are ported to python.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 20 Jul 2011 07:07:35 +0000 (17:07 +1000)]
samba-tool: Added python version of samba-tool
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 20 Jul 2011 04:50:05 +0000 (14:50 +1000)]
s4auth: Fix the object name for Py_Security
Use the object names as <modulename>.<objectname> to correctly generate the
object hierarchy in pydoc.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 20 Jul 2011 04:48:34 +0000 (14:48 +1000)]
s4auth: Fix the object names for PyCredentials and PyCredentialCacheContainer
Use the object names as <modulename>.<objectname> to correctly generate the
object hierarchy in pydoc.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 20 Jul 2011 04:44:19 +0000 (14:44 +1000)]
s4auth: Remove duplicate assignment of structure variable
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Fri, 15 Jul 2011 01:25:36 +0000 (11:25 +1000)]
ldb-samba: Allow --show-binary flag on defaultSecurityDescriptor
This allows users to display defaultSecurityDescriptor in fully expanded form.
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Fri, 15 Jul 2011 01:23:03 +0000 (11:23 +1000)]
ldb: Expose ldb_handler_fold() funcion
This allows creation of derived syntax handlers from the base directory string.
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Amitay Isaacs [Wed, 13 Jul 2011 22:21:19 +0000 (08:21 +1000)]
samba-tool: Reimplement GPO functions in python
Implementation of subcommands - show, getlink, setlink, dellink,
getinheritance, setinheritance
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Giampaolo Lauria [Wed, 27 Jul 2011 19:52:25 +0000 (15:52 -0400)]
samba-tool: Removed newuser
Removed newuser as its functionality has been moved to "user add"
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Giampaolo Lauria [Wed, 27 Jul 2011 19:44:34 +0000 (15:44 -0400)]
samba-tool: updated test suite to account for newuser change
Updated test suite invocations of newuser to "user add" as
the newuser functionality is now being moved to "user add"
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Giampaolo Lauria [Tue, 26 Jul 2011 17:25:58 +0000 (13:25 -0400)]
samba-tool: Changed "user add" implementation
Changed "user add" to use SamDB instead of Net
Also, added the set of Options available in newuser
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Giampaolo Lauria [Mon, 25 Jul 2011 15:56:10 +0000 (11:56 -0400)]
samba-tool: add -H or --URL where necessary
To improve consistency, I've made sure all the commands take either a -H
or --URL when specifying a URL
Signed-off-by: Andrew Tridgell <tridge@samba.org>